Solved: Re: Cannot see application health in DNAC

sroic · ‎11-16-2022

Hi,

We are trying to get application health to be seen in DNAC. We currently see only usage and throughput, it's missing other parameters to calculate it.

Considering our employees are mostly using wifi it would make sense to configure netflow on WLC. So we are trying to configure AVC on 9800-CL WLC but without success. I found this guide:https://community.cisco.com/t5/networking-blogs/visualize-application-experience-from-catalyst-9800-wlc-in-cisco/ba-p/4305884 which looks pretty straightforward but the instructions are a bit vague. Our setup is for scenario no.2 and here it states that we should use command "record wireless avc ipv4 assurance" on the monitor and that we add two monitors for the same wireless profile policy. But this is valid only if the APs are in local mode according to this doc: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/application-visibility-and-control.html

We have APs in Flex mode and I tried with "record wireless avc basic" also but without success. On "show flow exporter statistics" I see some data is being sent out but nothing showing up on DNAC, meanwhile local exporter works.

Also most of this commands for exporter just went missing after applying monitor to the interface (except destination and port):

flow exporter avc_exporter
destination DNA_IP
  source GigabitEthernet1
  transport udp 6007
  export-protocol ipfix
  option vrf-table timeout 300
  option ssid-table timeout 300
  option application-table timeout 300
  option application-attributes timeout 300

Is there some sample configuration for FlexConnect mode APs and already preconfigured WLC? Is the protocol to be used ipfix or netflow v9?

I also found this post https://community.cisco.com/t5/cisco-digital-network-architecture-dna/dnac-assurance-does-not-show-application-info/m-p/4689902

which says you can check DNAC Grafana dashboard to see if the data is being received. And there I can only see our switches IPs, no WLC (although application health is not showing from any device):

But on WLC if I do "show flow exporter" I see the data is being sent:

wlc-a#show flow exporter
Flow Exporter avc_exporter:
Description: User defined
Export protocol: NetFlow Version 9
Transport Configuration:
Destination type: IP
Destination IP address: X.X.X.X
Source IP address: Y.Y.Y.Y
Source Interface: GigabitEthernet1
Transport Protocol: UDP
Destination Port: 6007
Source Port: 50111
DSCP: 0x0
TTL: 255
Output Features: Used

Also we tried configuring WLC via DNAC by just enabling/disableing telemetry as mentioned in offical docs but that doesn't work. Any ideas how to troubleshoot this further?

PabMar · ‎11-16-2022

sroic,

So this is the user guide for your version.

AFAIK, for WLANs created by DNAC Application Vis/exp should get enabled automatically.

For "brownfield" WLANs manually created on the WLC, adding "lan" keyword (prefix or suffix) to the profile name causes DNAC to enable it.

Have you tried the "lan" keyword so far?

I see you mention you have your APs in Flex mode. For flex mode only you get app visibility, for central switching on the other hand you get app experience.

Hope that helps.

Regards.

View solution in original post

Dan Rowe · ‎11-16-2022

IOS-XE 17.10 will provide support for Application Experience telemetry data (ART metrics) for Flex & Fabric SSIDs.

View solution in original post

PabMar · ‎11-16-2022

Hi sroic,

What DNAC version is this?

From the Assurance guide for 2.3.3, Application visibility on 9800 on Flex/Fabric deployments and Application Experience (Loss,Jitter,Latency) Central switching/Local SSIDs.

Also pay attention at the criteria for enabling application telemetry.

Hope that helps.

Regards.

sroic · ‎11-16-2022

Hi PabMar,

thanks for the feedback. I forgot to write the versions, DNAC is 2.2.3.6 and WLC is 17.6.4.

Regarding this criteria with "lan" keyword you mentioned I have seen it but there was some reason why I assumed it shouldn't be applied to our case. I think it's only for WLAN profiles provisioned from DNAC directly iirc, and we have brownfield environment where we only added WLC to DNAC after it was already configured

PabMar · ‎11-16-2022

sroic,

So this is the user guide for your version.

AFAIK, for WLANs created by DNAC Application Vis/exp should get enabled automatically.

For "brownfield" WLANs manually created on the WLC, adding "lan" keyword (prefix or suffix) to the profile name causes DNAC to enable it.

Have you tried the "lan" keyword so far?

I see you mention you have your APs in Flex mode. For flex mode only you get app visibility, for central switching on the other hand you get app experience.

Hope that helps.

Regards.

sroic · ‎11-16-2022

To be honest I haven't even tried. It's not an issue to try but the second part of your answer has caught my eye. We don't use central switching because our controller is in cloud and our offices are spread in different countries. So without that no application health whatever we configure?

Dan Rowe · ‎11-16-2022

IOS-XE 17.10 will provide support for Application Experience telemetry data (ART metrics) for Flex & Fabric SSIDs.

sroic · ‎11-17-2022

Thx Dan! Can't find that requirement for central switching in the docs actually

sroic · ‎11-17-2022

Scratch that, found it:

Thank you both for the feedback!